AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 

1 1 . (Currently amended) A method for sharing a security context for a given 

2 application client between different sessions applications associated with the 

3 given application client on a database server, comprising: 

4 receiving a request at the database server through a database session 

5 between the database server and an application on a database client; 

6 looking up an identifier for an- the given application client that identifies a 

7 client of the application, the identifier having been previously associated with the 

8 database session; 

9 using the identifier to look up the security context for the given application 

10 client within a storage area associated with the database server; 

1 1 wherein the security context includes attributes related to the given 

12 application client; 

13 wherein only applications associated with the given application client and 

14 not applications associated with other clients will receive the security context for 

15 the given client; 

16 receiving the security context for the given application client from the 

17 database client; 

1 8 inserting the security context into the storage area associated with the 

19 database server so that the security context can be indexed by the identifier for the 

20 given application client; 

21 performing a database operation to satisfy the request; 
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22 wherein performing the database operation involves enforcing access 

23 rights associated with the security context; and 

24 allowing the given application client to use the same security context 

25 through a second application and a second database session by: 

26 receiving a second request at the database server through 

27 the second database session with the second application, 

28 looking up the identifier for the gi ven application client, the 

29 identifier having been previously associated with the second 

30 database session, and 

3 1 using the identifier to look up the security context for the 

32 gi ven application client within the storage area associated with the 

33 database server. 

1 2. (Original) The method of claim 1, wherein the request includes a 

2 database query directed to a database on the database server. 

1 3. (Original) The method of claim 2, wherein performing the database 

2 operation involves modifying the database query to enforce access rights 

3 associated with the security context. 

1 4. (Currently amended) The method of claim 1, wherein the identifier for 



the given application client identifies a user of the application that is sending the 



3 request to the database server. 

1 5. (Currently amended) The method of claim 1 , 

2 wherein the database client is an application server that is sending the 

3 request to the database server; and 
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wherein the identifier for the given application client identifies an 
application session between the application on the application server and the 
client of the application. 

6. (Original) The method of claim 5 ? further comprising: 

receiving a request from the application to change the application session 
associated with the database session; and 

changing the application session associated with the database session. 

7. (Original) The method of claim 5, further comprising facilitating 
connection pooling by periodically changing the application session associated 
with the database session in order to channel requests associated with multiple 
application sessions through the database session. 

8-9. (Canceled). 

10. (Currently amended) A computer-readable storage medium storing 
instructions that when executed by a computer cause the computer to perform a 
method for sharing a security context for a given application client between 
different sessions applications associated with the given application client on a 
database server, the method comprising: 

receiving a request at the database server through a database session 
between the database server and an application on a database client; 

looking up an identifier for an -the given application client that identifies a 
client of the application, the identifier having been previously associated with the 
database session; 

using the identifier to look up the security context for the given application 
client within a storage area associated with the database server; 
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wherein the security context includes attributes related to the given 
application client; 

wherein only applications associated with the given application client and 
not applications associated with other clients will receive the security context for 
the given client; 

receiving the security context for the given application client from the 
database client; 

inserting the security context into the storage area associated with the 
database server so that the security context can be indexed by the identifier for the 
given application client; 

performing a database operation to satisfy the request; 
wherein performing the database operation involves enforcing access 
rights associated with the security context; and 

allowing the given application client to use the same security context 
through a second application and a second database session by: 

receiving a second request at the database server through 
the second database session with the second application, 

looking up the identifier for the given application client, the 
identifier having been previously associated with the second 
database session, and 

using the identifier to look up the security context for the 
given application client within the storage area associated with the 
database server. 

1 11. (Original) The computer-readable storage medium of claim 10, 

2 wherein the request includes a database query directed to a database on the 

3 database server. 
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1 12. (Original) The computer-readable storage medium of claim 1 1 , 

2 wherein performing the database operation involves modifying the database query 

3 to enforce access rights associated with the security context. 

1 13. (Currently amended) The computer-readable storage medium of claim 

2 10, wherein the identifier for the given application client identifies a user of the 

3 application that is sending the request to the database server. 

1 14. (Currently amended) The computer-readable storage medium of claim 

2 10, 

3 wherein the database client is an application server that is sending the 

4 request to the database server; and 

5 wherein the identifier for the given application client identifies an 

6 application session between the application on the application server and the 

7 client of the application. 

1 15. (Original) The computer-readable storage medium of claim 14, 

2 wherein the method further comprises: 

3 receiving a request from the application to change the application session 

4 associated with the database session; and 

5 changing the application session associated with the database session. 

1 16. (Original) The computer-readable storage medium of claim 14, 

2 wherein the method further comprises facilitating connection pooling by 

3 periodically changing the application session associated with the database session 

4 in order to channel requests associated with multiple application sessions through 

5 the database session. 
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1 17-18. (Canceled). 

1 19. (Currently amended) An apparatus that facilitates sharing a security 

2 context for a given application client between different s e ssion s applications 

3 associated with the given application client on a database server, comprising: 

4 a receiving mechanism that is configured to receive a request at the 

5 database server through a database session between the database server and an 

6 application on a database client; 

7 wherein the receiving mechanism is further configured to receive the 

8 security context for the given application client from the database client; 

9 wherein the receiving mechanism is further configured to receive a second 

10 request at the database server through a second database session between the 

1 1 database server and a second application; 

12 a lookup mechanism that is configured to look up an identifier for an given 

13 application client that identifies a client of the application, the identifier having 

14 been previously associated with the database session; 

15 wherein the lookup mechanism is configured to use the identifier to look 

16 up the security context for the given application client within a storage area 

1 7 associated with the database server; 

1 8 wherein the lookup mechanism is further configured to look up the 

1 9 identifier for the given application client, the identifier having been previously 

20 associated with the second database session; 

21 wherein the lookup mechanism is further configured to use the identifier to 

22 j look up the security context for the given application client within the storage area 

23 associated with the database server; 

24 wherein the security context includes attributes related to the given 

25 application client; 
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26 wherein only applications associated with the given application client and 

27 not applications associated with other clients will receive the security context for 

28 the given client; 

29 a security context initialization mechanism that is configured to insert the 

30 security context into the storage area associated with the database server so that 

3 1 the security context can be indexed by the identifier for the given application 

32 client; and 

33 a database engine that is configured to perform a database operation to 

34 satisfy the request; 

35 wherein performing the database operation involves enforcing access 

36 rights associated with the security context. 

1 20. (Original) The apparatus of claim 19, wherein the request includes a 

2 database query directed to a database on the database server. 

1 21 . (Original) The apparatus of claim 19, wherein the database engine is 

2 configured to perform the database operation by modifying the database query to 

3 enforce access rights associated with the security context. 

1 22. (Currently amended) The apparatus of claim 19, wherein the identifier 



for the given application client identifies a user of the application that is sending 



3 the request to the database server. 

1 23. (Currently amended) The apparatus of claim 19, 

2 wherein the database client is an application server that is sending the 

3 request to the database server; and 
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wherein the identifier for the given application client identifies an 
application session between the application on the application server and the 
client of the application. 



1 24. (Original) The apparatus of claim 23, wherein the receiving 

2 mechanism is additionally configured to receive a request from the application to 

3 change the application session associated with the database session; and 

(\^\ 4 further comprising a changing mechanism that is configured to change the 

V 5 application session associated with the database session in response to the request. 

1 25. (Original) The apparatus of claim 24, wherein the changing 

2 mechanism is further configured to facilitate connection pooling by periodically 

3 changing the application session associated with the database session in order to 

4 channel requests associated with multiple application sessions through the 

5 database session. 

1 26-27. (Canceled). 
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